For many people, the line between work and personal life is blurred. When it comes to mobile devices, 80 percent of the workforce admits to using their devices for both business and private use which means personal data and company data will naturally converge onto a single device. What’s becoming increasingly important, is how to protect the data stored on and being accessed from these devices to ensure mobile workforce security.
So how much are those corporate emails or family photos worth to the average person? A recent study, How Much Is the Data on Your Mobile Device Worth?, conducted by the Ponemon Institute, took a look at the value of our mobile devices and the risks involved with bringing personal devices onto the corporate network. The study asked participants to estimate the value of their devices, including replacement costs and/or value of the data. The average value assessed by participants was $14,000, with photos being the highest valued asset at $3,074. Next on the list was contact lists (personal and business) at $2,654 and personal apps at $2,096.
But how safe is this data we deem so valuable? The research found an increasing amount of sensitive and confidential information stored on mobile devices, yet both personal and enterprise security practices are not providing adequate protection. Fifty-five percent of respondents said they are concerned about the work-related data they access and store on their mobile devices, yet 50 percent do nothing to secure it. Plus, a shocking 68 percent of respondents admitted to sharing passwords across personal and work accounts.
The discrepancy between corporate IT and the employees’ idea of the level of access using personal devices was also concerning. While the IT department believed only 19 percent of employees have access to customer records, 43 percent of polled employees said they have access.
The bottom line is that corporate IT should take a long hard look at mobile security before it’s too late. A proactive approach is always preferred, and adding a 2nd layer of authentication will help ensure users are fully identified and authenticated before they are granted access to your most valuable assets.
The most common two-factor authentication solutions used today are one-time passwords (OTP) and PKI authentication. With OTP authentication, the user is only granted access if a passcode is simultaneously generated in two places: on the authentication server and one the hardware or software token (OTP app) in the user’s possession. Digital identity certificates – or PKI – further raise the mobile security bar and enables other applications such as digital signature and file encryption.
But because most mobile devices don’t have USB slots or embedded smart card readers, it can be challenging to use smart cards on the go. Bluetooth – a connectivity channel implemented across different endpoints can tackle this problem, making authentication compatible with any mobile device. For example, Gemalto MobilePKI solutions enables providers to choose either a Bluetooth-enabled badge holder or USB token. See how it works in the video Enterprise Mobile Security.
Whatever solution best fits your organization’s needs, two-factor authentication is imperative to secure any enterprise that supports an on-the-go mobile workforce.